A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11694
Acknowledgments: Name: the Mozilla project Upstream: Jeremy Fetiveau (SSD Secure Disclosure)